vulnerability

security-advisory-0053

Severity: 4
CVSS: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published: Oct 7, 2020
Added: Sep 4, 2024
Modified: Apr 29, 2025

Description

This advisory documents a security vulnerability in Arista EOS that affects customers who use DHCPv6 with a specific relay option configured. A malformed DHCP packet can lead to an incorrect route being installed, and this incorrect route may in turn cause a restart of the agents that attempt to process it. The impact, in the form of agent restarts or feature usability, is specific to the SandL3Unicast, Ira, Arp, or Snmp agents. Exposure is limited to devices with the "ipv6 dhcp relay install routes" option configured, with the malformed packet directed at a routed port that DHCP Relay is listening on. Arista has not received any report of this issue being exploited in any malicious manner.
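Because exposure depends on the "ipv6 dhcp relay install routes" option, saved running-configs can be audited for it. The script below is an added example, not code from Arista or from this advisory; the sample configuration is constructed, and the function name and the "<global>" label are assumptions made for illustration.

```python
import re

TRIGGER = "ipv6 dhcp relay install routes"  # option named in the advisory

# Constructed sample running-config, not taken from a real device.
SAMPLE_CONFIG = """\
hostname lab-sw1
!
interface Ethernet1
   no switchport
   ipv6 address 2001:db8:1::1/64
   ipv6 dhcp relay destination 2001:db8:ffff::10
   ipv6 dhcp relay install routes
!
interface Ethernet2
   no switchport
   ipv6 dhcp relay destination 2001:db8:ffff::10
   no ipv6 dhcp relay install routes
!
interface Ethernet3
   description ipv6 dhcp relay install routes (text only)
!
"""


def find_exposed_sections(config_text):
    """Return [(section, line_no)] for every place the option is enabled.

    A section is the most recent unindented line (e.g. "interface Ethernet1").
    A match at column 0 is reported under the hypothetical label "<global>".
    """
    hits = []
    section = "<global>"
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue  # skip blank lines and "!" separators/comments
        indented = line[0].isspace()
        # Collapse whitespace so spacing differences do not hide the command.
        cmd = re.sub(r"\s+", " ", line.strip()).lower()
        # Match the command itself; "no ..." forms and descriptions do not match.
        if cmd == TRIGGER or cmd.startswith(TRIGGER + " "):
            hits.append((section if indented else "<global>", line_no))
        elif not indented:
            section = line  # new top-level section begins here
    return hits


if __name__ == "__main__":
    for section, line_no in find_exposed_sections(SAMPLE_CONFIG):
        print(f"line {line_no}: option enabled under '{section}'")
```

A hit only shows that the precondition named in the advisory is present; whether the device runs a fixed EOS release still has to be checked against the vendor's advisory.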

Solution

upgrade-solution-CVE-2020-17355